Hand-held data processing devices are frequently wireless and allow users to communicate with a variety of other devices and systems. As part of such communication functionality, hand-held data processing devices generate and store data relating to the communications which have occurred using the hand-held devices. To improve operating functionality of such devices, the storage of certain data relating to communication information may be carried out using a cache. In such an arrangement, a hand-held data processing device includes a processor which operates in conjunction with a memory cache component in the device. The storage of data relating to device communication as entries in a fast access memory cache allows for operating efficiencies in the hand-held device.
For example, a device may allow for security certificate information to be stored as an entry in a cache to allow for faster access to such certificate information as part of secure communication operations carried out by the hand-held device. It is known to operate such caches in an ordered manner, such as a “move to front” cache in which the most recently accessed entry in the cache is placed at the front of the ordered cache.
Hand-held data processing device design includes the determination of what information is to be retained in caches, for how long, and whether to retain cache data when the device enters a locked state. With respect to the last design consideration, hand-held devices may be placed in a locked state in which much of the communication and other functionality of the device is disabled. Typically, a user must enter a password on the hand-held device to continue use of the device after it has been placed in a locked state (although certain functions, such as incoming telephone call reception may be permitted). The intention of the device entering the locked state is to heighten the security of the hand-held device. Unauthorized access is intended to be prevented by the device being placed in a locked state as it is intended that only the authorized user will be able to take the device out of the locked state by entering an appropriate password.
However, it is possible for attacks to take place on the security of the hand-held device even when the device is in a locked state. An unauthorized access to the device may allow a probe to be used to access the contents of memory on the device. Another type of attack involves a malicious application (“Trojan horse” software) being loaded on the device which will covertly execute to inspect the contents of device memory and make information about the memory contents available to an unauthorized attacker. To prevent information being extracted from a locked device, it is desirable to limit the information that is retained by the data in the device's memory cache when the device is in the locked state. To completely delete the data in the memory cache on entering a locked state, however, will mean inefficiencies are introduced in the operation of the hand-held device. In such a case, it would be necessary for the various memory caches on the device to be re-built whenever the hand-held device returns from a locked state. It is therefore the case in certain hand-held devices that the cache data is retained in the memory caches during the time that the device is in a locked state.
As set out above, such retained cache data may be subject to an unauthorized attack in which the memory cache is accessed. The information stored in the data in the cache is potentially placed at risk. In addition, traffic information relating to communications carried out by the hand-held device is potentially made available to the attacker if such communication information is stored in a cache. For such a cache in which the entries are ordered based on their most recent access, such as a move to front ordering, information about the recent communications of the hand-held device user will be available from an analysis of the location of entries in the relevant cache. Based on such information, an unauthorized access to the device may allow an attacker to determine traffic patterns for the device and hence provide knowledge of common communications carried out by the user.
It would accordingly be advantageous to provide a system and method to allow communication-related data to be retained in a hand-held device cache during a locked state but which makes difficult the acquisition of traffic pattern information by an unauthorized access of the hand-held device cached memory.